Nemofy

Security & governance

The model that lets compliance buyers convert.

Multi-tenancy at the data layer. Role-based access across every surface. Audit logs with PII redaction. Identity federated with what you already run.

01 · Tenant isolation

Isolation enforced at the data layer.

TenantContext + repository-level filters via the X-TENANT-ID header. Per-tenant providers, per-tenant audit, per-tenant routing. Not edge-routed — data-routed.

02 · Role-based access

One role model. Three surfaces.

Roles defined in Keycloak. Scopes apply to the admin UI, the REST API, the SDKs, and the CLI uniformly. Service tokens are scoped — agents inherit the same permission model as humans.

03 · Audit & PII redaction

Every notification, every config change, logged.

Audit log entries record actor, action, resource, and timestamp. PII redaction is opt-in via the confidential event flag — when set, payload contents are stored hashed in the log while the platform's routing decisions are preserved.

04 · Data residency

On-prem implications, said plainly.

All notification data stays inside your perimeter. The platform's database lives where you put it. The provider call leaves your network only when Nemofy hands the message to the provider's API. No vendor cloud holds your data.

05 · Identity integration

Federated. No parallel user store.

Keycloak federates with your existing AD, LDAP, or SAML directory. Login policies, MFA, password rotation — yours, not Nemofy's. Service accounts are managed in the same place as human accounts.

06 · What Nemofy is not

Said out loud, so the wrong fit walks away early.

The list below is the positioning, not a gap in it. Compliance buyers convert on this page because the line between shipped and roadmap is clean.

  • Nemofy is not an engagement platform.

    No open rates. No click optimization. No conversion-rate framing. The messages we route are messages your business has to send — transactional, operational, regulated.

  • No in-app inbox.

    Not on the roadmap. If you need an in-app inbox, you need a different product.

  • Workflow orchestration and AI step nodes are roadmap.

    Designed, architected, not built. Multi-step orchestration with delays, conditions, digest, and escalation is on the path. AI step nodes for compliance, channel selection, translation, and sentiment gating are on the path. Today, neither is shipped.

  • Not SOC 2 / ISO 27001 certified.

    The platform deploys on the infrastructure you operate — your compliance posture covers it. Independent certification of the Nemofy distribution itself is on the path; it is not in place today.

  • No SaaS variant.

    Nemofy runs in your environment. We do not operate a hosted multi-tenant cloud. If a hosted SaaS notification platform is what you need, you should look at Suprsend or Knock.